2nd October 2013
One of the world's largest networks of computers remotely controlled by criminals, has been partially disabled.
Global antivirus software vendor Symantec says that it has 'sinkholed' (disabled) more than half a million of the estimated 1.9 million infected computers which form the worldwide 'army' of bots … small computer programs which are used to infect connected computers for purposes of fraud, spying and denial of service attacks on websites.
The botnet – known as ZeroAccess – is one of the largest known in existence. Active since 2011, it is thought to generate tens of millions of dollars every year. Its operators make money from the Windows machines infected by ZeroAccess by instructing the computers to virtually click on web adverts, escalating income for an affiliate ad network or mine for new Bitcoin online currency. Because this botnet uses peer-to-peer (computer-to-computer) communication, there is no central control server, making it extremely difficult to target and close down.
Symantec is working with ISPs and government computer security teams worldwide to help to clean infected machines.